From b43e5d8c1692a0f15db4e621e3cff41158a47167 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.com>
Date: Tue, 28 Jan 2025 20:55:20 +0100
Subject: [PATCH] BUILD: ssl: more cleaner approach to WolfSSL without
 renegotiation

Patch discussed in https://github.com/wolfSSL/wolfssl/issues/6834

When building Wolfssl without renegotiation options, WolfSSL still
defines the macros about it, which warns during the build.

This patch completes the previous one by undefining the macros so
haproxy could build without any warning.
---
 include/haproxy/openssl-compat.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index adbe284a2..ba3fd4e50 100644
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@@ -418,8 +418,11 @@ static inline unsigned long ERR_peek_error_func(const char **func)
 #endif
 
 /* needs OpenSSL >= 0.9.7 and renegotation options on WolfSSL */
-#if !defined(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION) && !defined(HAVE_SECURE_RENEGOTIATION) && !defined(HAVE_SERVER_RENEGOTIATION_INFO)
+#if !defined(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION) || \
+	 (defined(USE_OPENSSL_WOLFSSL) && !defined(HAVE_SECURE_RENEGOTIATION) && !defined(HAVE_SERVER_RENEGOTIATION_INFO))
+#undef  SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
 #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0
+#undef  SSL_renegotiate_pending
 #define SSL_renegotiate_pending(arg) 0
 #endif